<!--#include file=conn.asp-->
<!--#include virtual="/inc/md5.inc"-->
<%
Dim admin,password,sql
		admin=strlogin(Request.cookies("xywapbook")("xywapbook_username"))
		password=md5(strlogin(Request.cookies("xywapbook")("xywapbook_password")))


	Set Rs = Server.CreateObject("Adodb.Recordset")
	Sql = "SELECT * FROM qingtian_admin WHERE name='" &admin&"' and pass='" &password &"'"
	Rs.Open Sql,conn,1,1
	if not (rs.bof and rs.eof)  then 
	session("adminname")=rs("name")
	Session("adminpassword")=rs("pass")
	else
	  Response.write "<script>top.location.href='login.asp';</script>"
	  Response.End
	end if
%>